Search in sources :

Example 61 with RSAPublicKeySpec

use of java.security.spec.RSAPublicKeySpec in project android_frameworks_base by DirtyUnicorns.

the class AndroidKeyStoreKeyFactorySpi method engineGetKeySpec.

@Override
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpecClass) throws InvalidKeySpecException {
    if (key == null) {
        throw new InvalidKeySpecException("key == null");
    } else if ((!(key instanceof AndroidKeyStorePrivateKey)) && (!(key instanceof AndroidKeyStorePublicKey))) {
        throw new InvalidKeySpecException("Unsupported key type: " + key.getClass().getName() + ". This KeyFactory supports only Android Keystore asymmetric keys");
    }
    if (keySpecClass == null) {
        throw new InvalidKeySpecException("keySpecClass == null");
    } else if (KeyInfo.class.equals(keySpecClass)) {
        if (!(key instanceof AndroidKeyStorePrivateKey)) {
            throw new InvalidKeySpecException("Unsupported key type: " + key.getClass().getName() + ". KeyInfo can be obtained only for Android Keystore private keys");
        }
        AndroidKeyStorePrivateKey keystorePrivateKey = (AndroidKeyStorePrivateKey) key;
        String keyAliasInKeystore = keystorePrivateKey.getAlias();
        String entryAlias;
        if (keyAliasInKeystore.startsWith(Credentials.USER_PRIVATE_KEY)) {
            entryAlias = keyAliasInKeystore.substring(Credentials.USER_PRIVATE_KEY.length());
        } else {
            throw new InvalidKeySpecException("Invalid key alias: " + keyAliasInKeystore);
        }
        @SuppressWarnings("unchecked") T result = (T) AndroidKeyStoreSecretKeyFactorySpi.getKeyInfo(mKeyStore, entryAlias, keyAliasInKeystore, keystorePrivateKey.getUid());
        return result;
    } else if (X509EncodedKeySpec.class.equals(keySpecClass)) {
        if (!(key instanceof AndroidKeyStorePublicKey)) {
            throw new InvalidKeySpecException("Unsupported key type: " + key.getClass().getName() + ". X509EncodedKeySpec can be obtained only for Android Keystore public" + " keys");
        }
        @SuppressWarnings("unchecked") T result = (T) new X509EncodedKeySpec(((AndroidKeyStorePublicKey) key).getEncoded());
        return result;
    } else if (PKCS8EncodedKeySpec.class.equals(keySpecClass)) {
        if (key instanceof AndroidKeyStorePrivateKey) {
            throw new InvalidKeySpecException("Key material export of Android Keystore private keys is not supported");
        } else {
            throw new InvalidKeySpecException("Cannot export key material of public key in PKCS#8 format." + " Only X.509 format (X509EncodedKeySpec) supported for public keys.");
        }
    } else if (RSAPublicKeySpec.class.equals(keySpecClass)) {
        if (key instanceof AndroidKeyStoreRSAPublicKey) {
            AndroidKeyStoreRSAPublicKey rsaKey = (AndroidKeyStoreRSAPublicKey) key;
            @SuppressWarnings("unchecked") T result = (T) new RSAPublicKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent());
            return result;
        } else {
            throw new InvalidKeySpecException("Obtaining RSAPublicKeySpec not supported for " + key.getAlgorithm() + " " + ((key instanceof AndroidKeyStorePrivateKey) ? "private" : "public") + " key");
        }
    } else if (ECPublicKeySpec.class.equals(keySpecClass)) {
        if (key instanceof AndroidKeyStoreECPublicKey) {
            AndroidKeyStoreECPublicKey ecKey = (AndroidKeyStoreECPublicKey) key;
            @SuppressWarnings("unchecked") T result = (T) new ECPublicKeySpec(ecKey.getW(), ecKey.getParams());
            return result;
        } else {
            throw new InvalidKeySpecException("Obtaining ECPublicKeySpec not supported for " + key.getAlgorithm() + " " + ((key instanceof AndroidKeyStorePrivateKey) ? "private" : "public") + " key");
        }
    } else {
        throw new InvalidKeySpecException("Unsupported key spec: " + keySpecClass.getName());
    }
}
Also used : X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) ECPublicKeySpec(java.security.spec.ECPublicKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Example 62 with RSAPublicKeySpec

use of java.security.spec.RSAPublicKeySpec in project android_frameworks_base by AOSPA.

the class AndroidKeyStoreKeyFactorySpi method engineGetKeySpec.

@Override
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpecClass) throws InvalidKeySpecException {
    if (key == null) {
        throw new InvalidKeySpecException("key == null");
    } else if ((!(key instanceof AndroidKeyStorePrivateKey)) && (!(key instanceof AndroidKeyStorePublicKey))) {
        throw new InvalidKeySpecException("Unsupported key type: " + key.getClass().getName() + ". This KeyFactory supports only Android Keystore asymmetric keys");
    }
    if (keySpecClass == null) {
        throw new InvalidKeySpecException("keySpecClass == null");
    } else if (KeyInfo.class.equals(keySpecClass)) {
        if (!(key instanceof AndroidKeyStorePrivateKey)) {
            throw new InvalidKeySpecException("Unsupported key type: " + key.getClass().getName() + ". KeyInfo can be obtained only for Android Keystore private keys");
        }
        AndroidKeyStorePrivateKey keystorePrivateKey = (AndroidKeyStorePrivateKey) key;
        String keyAliasInKeystore = keystorePrivateKey.getAlias();
        String entryAlias;
        if (keyAliasInKeystore.startsWith(Credentials.USER_PRIVATE_KEY)) {
            entryAlias = keyAliasInKeystore.substring(Credentials.USER_PRIVATE_KEY.length());
        } else {
            throw new InvalidKeySpecException("Invalid key alias: " + keyAliasInKeystore);
        }
        @SuppressWarnings("unchecked") T result = (T) AndroidKeyStoreSecretKeyFactorySpi.getKeyInfo(mKeyStore, entryAlias, keyAliasInKeystore, keystorePrivateKey.getUid());
        return result;
    } else if (X509EncodedKeySpec.class.equals(keySpecClass)) {
        if (!(key instanceof AndroidKeyStorePublicKey)) {
            throw new InvalidKeySpecException("Unsupported key type: " + key.getClass().getName() + ". X509EncodedKeySpec can be obtained only for Android Keystore public" + " keys");
        }
        @SuppressWarnings("unchecked") T result = (T) new X509EncodedKeySpec(((AndroidKeyStorePublicKey) key).getEncoded());
        return result;
    } else if (PKCS8EncodedKeySpec.class.equals(keySpecClass)) {
        if (key instanceof AndroidKeyStorePrivateKey) {
            throw new InvalidKeySpecException("Key material export of Android Keystore private keys is not supported");
        } else {
            throw new InvalidKeySpecException("Cannot export key material of public key in PKCS#8 format." + " Only X.509 format (X509EncodedKeySpec) supported for public keys.");
        }
    } else if (RSAPublicKeySpec.class.equals(keySpecClass)) {
        if (key instanceof AndroidKeyStoreRSAPublicKey) {
            AndroidKeyStoreRSAPublicKey rsaKey = (AndroidKeyStoreRSAPublicKey) key;
            @SuppressWarnings("unchecked") T result = (T) new RSAPublicKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent());
            return result;
        } else {
            throw new InvalidKeySpecException("Obtaining RSAPublicKeySpec not supported for " + key.getAlgorithm() + " " + ((key instanceof AndroidKeyStorePrivateKey) ? "private" : "public") + " key");
        }
    } else if (ECPublicKeySpec.class.equals(keySpecClass)) {
        if (key instanceof AndroidKeyStoreECPublicKey) {
            AndroidKeyStoreECPublicKey ecKey = (AndroidKeyStoreECPublicKey) key;
            @SuppressWarnings("unchecked") T result = (T) new ECPublicKeySpec(ecKey.getW(), ecKey.getParams());
            return result;
        } else {
            throw new InvalidKeySpecException("Obtaining ECPublicKeySpec not supported for " + key.getAlgorithm() + " " + ((key instanceof AndroidKeyStorePrivateKey) ? "private" : "public") + " key");
        }
    } else {
        throw new InvalidKeySpecException("Unsupported key spec: " + keySpecClass.getName());
    }
}
Also used : X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) ECPublicKeySpec(java.security.spec.ECPublicKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException)

Example 63 with RSAPublicKeySpec

use of java.security.spec.RSAPublicKeySpec in project azure-tools-for-java by Microsoft.

the class SimpleTokenValidator method validateSignature.

@Override
public Boolean validateSignature(final Token token) {
    if (token == null) {
        throw new PreconditionException("Required parameter is null");
    }
    if (algorithmConfigurationService.get().getAlgorithmClassMap().get(token.getAlgorithm().getName()).equals("HMAC")) {
        return Boolean.FALSE;
    }
    final Configuration configuration = configurationCache.load();
    if (configuration == null) {
        throw new GeneralException("Error loading configuration");
    }
    try {
        final TimeStamp now = timeStampFactory.createTimeStamp(System.currentTimeMillis() / 1000);
        if (configuration.getKey(token.getKeyName()).getNotBefore().compareTo(now) > 0) {
            return Boolean.FALSE;
        }
        final Base64 decoder = new Base64();
        final BigInteger exponent = new BigInteger(1, decoder.decode(configuration.getKey(token.getKeyName()).getExponent().getValue()));
        final BigInteger modulus = new BigInteger(1, decoder.decode(configuration.getKey(token.getKeyName()).getSecret().getValue()));
        final RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(modulus, exponent);
        final KeyFactory keyFactory = KeyFactory.getInstance(algorithmConfigurationService.get().getAlgorithmClassMap().get(token.getAlgorithm().getName()));
        final PublicKey pubKey = keyFactory.generatePublic(pubKeySpec);
        final Signature sig = Signature.getInstance(algorithmConfigurationService.get().getAlgorithmMap().get(token.getAlgorithm().getName()));
        sig.initVerify(pubKey);
        sig.update(token.getPayload().getValue().getBytes());
        return sig.verify(decoder.decode(token.getSignature().getValue()));
    } catch (NoSuchAlgorithmException | InvalidKeySpecException | SignatureException | InvalidKeyException e) {
        LOGGER.error(e.getMessage(), e);
        return Boolean.FALSE;
    }
}
Also used : GeneralException(com.microsoft.azure.oidc.exception.GeneralException) Base64(org.apache.commons.codec.binary.Base64) Configuration(com.microsoft.azure.oidc.configuration.Configuration) PublicKey(java.security.PublicKey) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SignatureException(java.security.SignatureException) InvalidKeyException(java.security.InvalidKeyException) TimeStamp(com.microsoft.azure.oidc.common.timestamp.TimeStamp) PreconditionException(com.microsoft.azure.oidc.exception.PreconditionException) Signature(java.security.Signature) BigInteger(java.math.BigInteger) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) KeyFactory(java.security.KeyFactory)

Example 64 with RSAPublicKeySpec

use of java.security.spec.RSAPublicKeySpec in project azure-sdk-for-java by Azure.

the class KeyOperationsTest method getWellKnownKey.

private static KeyPair getWellKnownKey() throws Exception {
    BigInteger modulus = new BigInteger("27266783713040163753473734334021230592631652450892850648620119914958066181400432364213298181846462385257448168605902438305568194683691563208578540343969522651422088760509452879461613852042845039552547834002168737350264189810815735922734447830725099163869215360401162450008673869707774119785881115044406101346450911054819448375712432746968301739007624952483347278954755460152795801894283389540036131881712321193750961817346255102052653789197325341350920441746054233522546543768770643593655942246891652634114922277138937273034902434321431672058220631825053788262810480543541597284376261438324665363067125951152574540779");
    BigInteger publicExponent = new BigInteger("65537");
    BigInteger privateExponent = new BigInteger("10466613941269075477152428927796086150095892102279802916937552172064636326433780566497000814207416485739683286961848843255766652023400959086290344987308562817062506476465756840999981989957456897020361717197805192876094362315496459535960304928171129585813477132331538577519084006595335055487028872410579127692209642938724850603554885478763205394868103298473476811627231543504190652483290944218004086457805431824328448422034887148115990501701345535825110962804471270499590234116100216841170344686381902328362376624405803648588830575558058257742073963036264273582756620469659464278207233345784355220317478103481872995809");
    BigInteger primeP = new BigInteger("175002941104568842715096339107566771592009112128184231961529953978142750732317724951747797764638217287618769007295505214923187971350518217670604044004381362495186864051394404165602744235299100790551775147322153206730562450301874236875459336154569893255570576967036237661594595803204808064127845257496057219227");
    BigInteger primeQ = new BigInteger("155807574095269324897144428622185380283967159190626345335083690114147315509962698765044950001909553861571493035240542031420213144237033208612132704562174772894369053916729901982420535940939821673277140180113593951522522222348910536202664252481405241042414183668723338300649954708432681241621374644926879028977");
    BigInteger primeExponentP = new BigInteger("79745606804504995938838168837578376593737280079895233277372027184693457251170125851946171360348440134236338520742068873132216695552312068793428432338173016914968041076503997528137698610601222912385953171485249299873377130717231063522112968474603281996190849604705284061306758152904594168593526874435238915345");
    BigInteger primeExponentQ = new BigInteger("80619964983821018303966686284189517841976445905569830731617605558094658227540855971763115484608005874540349730961777634427740786642996065386667564038755340092176159839025706183161615488856833433976243963682074011475658804676349317075370362785860401437192843468423594688700132964854367053490737073471709030801");
    BigInteger crtCoefficient = new BigInteger("2157818511040667226980891229484210846757728661751992467240662009652654684725325675037512595031058612950802328971801913498711880111052682274056041470625863586779333188842602381844572406517251106159327934511268610438516820278066686225397795046020275055545005189953702783748235257613991379770525910232674719428");
    KeySpec publicKeySpec = new RSAPublicKeySpec(modulus, publicExponent);
    KeySpec privateKeySpec = new RSAPrivateCrtKeySpec(modulus, publicExponent, privateExponent, primeP, primeQ, primeExponentP, primeExponentQ, crtCoefficient);
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    return new KeyPair(keyFactory.generatePublic(publicKeySpec), keyFactory.generatePrivate(privateKeySpec));
}
Also used : RSAPrivateCrtKeySpec(java.security.spec.RSAPrivateCrtKeySpec) KeyPair(java.security.KeyPair) RSAPrivateCrtKeySpec(java.security.spec.RSAPrivateCrtKeySpec) KeySpec(java.security.spec.KeySpec) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) BigInteger(java.math.BigInteger) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) KeyFactory(java.security.KeyFactory)

Example 65 with RSAPublicKeySpec

use of java.security.spec.RSAPublicKeySpec in project robovm by robovm.

the class SignatureTest method testVerify_MD5withRSA_Key_Success.

public void testVerify_MD5withRSA_Key_Success() throws Exception {
    KeyFactory kf = KeyFactory.getInstance("RSA");
    RSAPublicKeySpec keySpec = new RSAPublicKeySpec(RSA_2048_modulus, RSA_2048_publicExponent);
    PublicKey pubKey = kf.generatePublic(keySpec);
    Signature sig = Signature.getInstance("MD5withRSA");
    sig.initVerify(pubKey);
    sig.update(Vector2Data);
    assertTrue("Signature must match expected signature", sig.verify(MD5withRSA_Vector2Signature));
}
Also used : PublicKey(java.security.PublicKey) Signature(java.security.Signature) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) KeyFactory(java.security.KeyFactory)

Aggregations

RSAPublicKeySpec (java.security.spec.RSAPublicKeySpec)85 KeyFactory (java.security.KeyFactory)61 PublicKey (java.security.PublicKey)48 RSAPublicKey (java.security.interfaces.RSAPublicKey)30 BigInteger (java.math.BigInteger)24 Signature (java.security.Signature)22 PrivateKey (java.security.PrivateKey)20 RSAPrivateKeySpec (java.security.spec.RSAPrivateKeySpec)17 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)14 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)12 Cipher (javax.crypto.Cipher)12 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)10 SecretKeyFactory (javax.crypto.SecretKeyFactory)10 IOException (java.io.IOException)9 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)9 RSAPrivateCrtKey (java.security.interfaces.RSAPrivateCrtKey)8 KeySpec (java.security.spec.KeySpec)8 KeyPair (java.security.KeyPair)7 RSAPrivateCrtKeySpec (java.security.spec.RSAPrivateCrtKeySpec)6 InvalidKeyException (java.security.InvalidKeyException)5